Hi all

Reading around the forum, and elsewhere on the web, it seems that IMAP logins to Office 365 mailboxes can be troublesome. In the context of Limesurvey it can also be a problem for outgoing SMTP, but in my situation I am having difficulty with bounce processing via IMAP from LS 4.3.22+201019 (php 7.0) to Office 365 and am keen to see if anyone has any advice they can offer?

A very similar problem appears in the thread below from a couple of years ago, but alas no solutions then, but maybe someone has worked it out since?

forums.limesurvey.org/forum/installation...-working-for-bounces

Bounce processing works fine when connected to a different non-MS mailbox (although the UI button itself is broken in LS4 and you have to use the underlying URL to process bounces, but that's another story!) so I know that the basics are sound.

I am also able to happily connect to the relevant o365 mailbox via IMAP using Thunderbird, so I know the credentials are correct.

Finally, "basic authentication" is already enabled in o365, which is a bit like the "less secure apps" setting in gmail.

Try as I might however, I can't get Limesurvey to connect to process bounces and the error message I get back is:

Can not authenticate to IMAP server: AUTHENTICATE failed.

There is clearly some sort of authentication issue, but I can't work out how to troubleshoot it, or whether it is a Limesurvey problem or a PHP mail issue.

Anyone know an answer to this conundrum, or at the very least where in the php files or the db I could go to in order to start tinkering with IMAP settings under the hood?

Thanks in advance for anyone who can shed any light on this for me!

No solution for the actualy problem, but you should currently not use LS 4.x for production. Stay with LS 3.x LTS for the next couple of months. There are just too many bugs in LS 4.x which will take a while to be fixed. Not sure if what you describe is a bug, because Office 365 / Exchange always caused problems, but there are many other bugs that will make your life harder.

What IMAP server/settings are you using? I didn't try with shared mailbox but ordinary user mailbox works fine for me on our Office 365 tenant. I'm using outlook.office365.com:993 for server and SSL for encryption. You need to have Basic Authentication for IMAP enabled. If 2FA is enabled you would also need to use Office 365 App Passwords probably. Mailbox need to have any of licenses with the Exchange Online plan assigned (K1, F3, E1, E3, etc).

The only two issues I'm having is that bounce processing sometimes timeouts if there are dozen of bounces to process. In these cases I just restart the process and it continues where left off. And another issue is that if I set processing to POP mode it doesn't really delete email message in the mailbox even though LimeSurvey documentations states that it should.

Hope this helps.

Just checked LimeSurvey code. It seems that there is a mismatch in what user interface says and what is actually used technically. In order for bounce mailbox to work you need to set "outlook.office365.com:993" as a hostname and "SSL" as an encryption option. Do not select "TLS" as it is actually StartTLS which is not supported by Office365 for IMAP.

ViliusS wrote: Do not select "TLS" as it is actually StartTLS which is not supported by Office365 for IMAP.

Is there bug report? TLS should not be StartTLS. Since you already had a look into the sourcecode where should we look?

Without looking at the LimeSurvey implementation, the phpmailer class is using opportunistic TLS.

If LimeSurvey GUI would relable SSL to SSL/TLS and TLS to "StartTLS" the current behavior might be correctly labeled.


//Set the encryption mechanism to use - STARTTLS or SMTPS
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; or PHPMailer::ENCRYPTION_SMTPS

Sorry, I cannot create bug reports as Mantis doesn't allow me to login with Github account as this forum does.

However, I've already created a pull request regarding this issue: github.com/LimeSurvey/LimeSurvey/pull/1639

All information regarding source code is in the commit message.